Facebook dismantled a huge spam campaign leveraging bogus accounts

Facebook disrupted an international spam campaign leveraging on bogus accounts used to create “likes” and bogus comments.

The security team at Facebook has disrupted an international spam operation after a six months investigation. The company has neutralized a coordinated campaign that was leveraging on bogus accounts used to create inauthentic likes and comments.

“Today we are taking another step to disrupt a spam operation that we have been combating for six months. It is made up of inauthentic likes and comments that appear to come from accounts located in Bangladesh, Indonesia, Saudi Arabia, and a number of other countries.” states a blog post published by Facebook.”We found that most of this activity was generated not through traditional mass account creation methods, but by more sophisticated means that try to mask the fact that the accounts are part of the same coordinated operation.”

The intent of the campaign was to deceptively increase their social network by adding new friend connections by liking and interacting primarily with popular publisher Pages on Facebook. The attacker used their network of connections to send out spam messages. A huge number of bogus accounts became dormant after liking a number of Pages, “suggesting they had not been mobilized yet to actually make connections and send spam to those people.”

Systems at Facebook were able to identify the fraudulent activities and to remove a significant volume of inauthentic likes, even if attackers used tricks to avoid detection such as the traffic redirection through “proxies” that disguised their location.

“By disrupting the campaign now, we expect that we will prevent this network of spammers from reaching its end goal of sending inauthentic material to large numbers of people.” continues Facebook.

As result of the Facebook activity, the experts at the company expect that 99% of impacted Pages with more than 10,000 likes will see a drop of less than 3%.

Facebook confirmed security improvement to its system to prevent any abuse of its platform, social networks are today privileged attack vectors for crooks.

“We’ve found that when people represent themselves on Facebook the same way they do in real life, they act responsibly,” said Shabnam Shaik, a company security manager.

“Fake accounts don’t follow this pattern, and are closely related to the creation and spread of spam.”

Share On

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.